Featured Slideshow

In a Dallas courtroom on Thursday, writer and activist Barrett Brown was sentenced to 63 months in prison and was ordered to pay a little more than $890,000 in restitution and fines, according to reports.

Upcoming Live Events

Be sure to stay tuned for breaking news on our 2015 conference and expo, which promises to deliver even more innovative programming and an enhanced showcase of the latest cyber security solutions you must see.

A security researcher, who has previously warned manufacturers about security concerns impacting insulin pumps, has uncovered a new issue in the devices that could have dangerous consequences for patients.

Jay Radcliffe, a Type 1 diabetic who works as a senior security analyst at Washington, D.C.-based firm InGuardians, revealed at Black Hat 2013 on Wednesday that a memory storage flaw greatly skewed the amount of insulin he needed to manage his blood glucose levels.

He told conference attendees that the device malfunctioned in March after he changed its battery, leading him to uncover that the insulin pump would forget important data stored in it after a battery change.

According to Radcliffe, who has brought to light insulin pump vulnerabilities before, the issue led him to mistakenly infuse himself with too much insulin to correct his glucose levels – eight units too many, to be exact.

Additionally, the issues he ran into when trying to get the manufacturer, Animas, to rectify the problem, further highlighted the fact that vendors must become more proactive in securing their products.

Of his research over the years, Radcliffe said he's run into many critics who accused him of exaggerating the hacking threat to diabetics when conveying his findings.

He defended his disclosures, saying that even if the chance of hackers taking advantage of security concerns in devices was low, it didn't denote that the threat was insignificant. In fact, he said, his research has revealed quite the opposite.

“I've had a lot of people talk about the idea of sensationalizing the issue of medical device risks,” Radcliffe told attendees, later adding that “just because the risk is low, doesn't mean it can't happen” or that researchers (or users) should ignore it.

SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.